Re: Someone scanning for new PHP issues?

You are right that the second trap is searching for the horde
exploit. The first one you link to is for the remote code execution
exploit in the Vwar gaming clan management system, with exploit code
published publicly on 02 April 06. For reference, full sample
exploit code is here:

For web app exploits such as these, it is simpler to get the details
out of your web server logs (presuming you are running a web server
at the targeted IP, and are keeping logs) as the extracts you provide
only confuse the issue for simple attack vectors like these.

Established in mid 2004, Jongsma & Jongsma Pty. Ltd. is a pure
Research and Development company focussing on advanced software and
hardware concepts. Since inception, Jongsma & Jongsma Pty. Ltd. has
already developed software tools for advanced user and security
management in web applications, complete data protection, and
effective phishing defences for financial companies.

Sûnnet Beskerming Pty. Ltd.

Established in mid 2004, Sûnnet Beskerming Pty. Ltd. is the sister
company to Jongsma & Jongsma Pty. Ltd., and was formed to develop and
commercialise the research coming out of Jongsma & Jongsma Pty. Ltd..
Sûnnet Beskerming Pty. Ltd. is an Information Security specialist
and, in conjunction with the tools developed by Jongsma & Jongsma
Pty. Ltd., provides total security solutions and services, from the
perimeter to internal data stores, including web application security
and security testing and analysis.